This article provides the steps required to configure SAML authentication in EloView 4.
Security Assertion Markup Language (SAML) is a standard that allows users to sign in to applications using authentication from another trusted system. Instead of entering a username and password for each application, users authenticate through an identity provider such as Active Directory, Okta, or OneLogin.
Using SAML provides several advantages:
- No need for users to manually enter credentials
- No need to manage or rotate separate application passwords
- Improved security by relying on centralized identity management
- Simplified user access through Single Sign-On (SSO)
With SAML configured, users who are already authenticated through your organization's identity provider can securely access the EloView Cloud Portal.
Enable SAML Configuration
- After signing in to your EloView account, click the drop-down arrow in the upper-right corner of the portal. Select Account, then click the Gear icon to open account settings.
- Select the SAML tab and click Edit.
- Enable the Login via SAML Only toggle.
- After enabling the option, the SAML configuration form will appear.
Complete the SAML Configuration Form
Follow the steps below to populate the SAML configuration fields.
- Create a developer account with either OneLogin or Okta and configure a SAML application.
- Sign in to your SAML developer account.
- Open the SSO tab in your identity provider portal.
- Copy the SAML 2.0 Endpoint (HTTP) value and paste it into the SAML Login URL field in EloView.
- Copy the SLO Endpoint (HTTP) value and paste it into the SAML Logout URL field in EloView.
- Locate the X.509 Certificate in your identity provider settings and select View Details.
- Copy the certificate contents without the BEGIN CERTIFICATE and END CERTIFICATE headers.
- Paste the certificate text into the SAML IDP Certificate field in EloView.
- Add any required domains and users to the configuration.
- Click Apply to save the configuration.
Configure the Identity Provider
After saving the configuration in EloView, the system will generate three URLs:
- Audience
- ACS (Consumer) URL Validator
- ACS (Consumer) URL
Record these URLs and configure them within your SAML identity provider.
You must also configure the following SAML attributes in your identity provider:
- firstName
- lastName
API Token for SSO (SAML) Logins
Organizations that restrict login access to SSO/SAML may still require API authentication for integrations. EloView supports API tokens that allow secure access without user password authentication.
Client credentials are generated from the user profile and used to create authentication tokens through the EloView DevZone API.
Generate OAuth Credentials
1. Navigate to User Profile and click Generate OAuth Credentials to create the Client ID and Client Secret.
- Note: Save these credentials immediately. They will not be visible again after confirmation.
Generate an Authentication Token
2. Go to the DevZone API Authentication page and enter the Client ID and Client Secret in the appropriate fields to generate an authentication token (authPayload value).
Please report any broken links by emailing support@elotouch.com and include a link to the knowledge article